<?php
/**
*
* @package YubiKey Login
* @version 1.0.3
* @copyright (c) 2010 Tim Schlueter
* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
*
*/

/**
* @ignore
*/
if (!defined('IN_PHPBB'))
{
	exit;
}

class ucp_yubikey_reset
{
	var $u_action;

	function main($id, $mode)
	{
		global $phpbb_root_path, $phpEx;
		global $db, $user, $template, $config;

		$submit	= (isset($_POST['submit'])) ? true : false;
		$user_id = request_var('u', 0);
		$key = request_var('k', '');
		
		$form_name = 'ucp_yubikey_reset';
		add_form_key($form_name);

		if ($submit && !check_form_key($form_name))
		{
			trigger_error($user->lang['FORM_INVALID'], E_USER_WARNING);
		}

		// Verify user and key
		$sql = 'SELECT * FROM ' . YUBIKEY_TABLE . ' WHERE user_id = ' . (int) $user_id;
		$result = $db->sql_query($sql);
		$user_row = $db->sql_fetchrow($result);
		$db->sql_freeresult($result);

		if (!$user_row)
		{
			meta_refresh(5, append_sid("{$phpbb_root_path}index.$phpEx"));
			trigger_error('ACCOUNT_YUBIKEY_NO_USER', E_USER_WARNING);
		}

		if (!$user_row['lost_key'] || $user_row['lost_key'] != $key)
		{
			meta_refresh(5, append_sid("{$phpbb_root_path}index.$phpEx"));
			trigger_error('ACCOUNT_YUBIKEY_CONFIRM_LINK_EXPIRED', E_USER_WARNING);
		}

		$error = '';

		if ($submit)
		{
			include $phpbb_root_path . 'includes/functions_yubikey.' . $phpEx;

			// Get YubiKey OTP
			$otp = strtolower(trim(request_var('yubikey_otp', '')));
			if($otp != '')
			{
				$reset = reset_yubikey($otp, $user_id);

				if($reset['status'])
				{
					meta_refresh(5, append_sid("{$phpbb_root_path}index.$phpEx"));
					trigger_error('YUBIKEY_ADDED');
				}
				else
				{
					$error = $reset['error_msg'];
				}
			}
		}

		// Set up the page
		$this->tpl_name = 'ucp_yubikey_reset';
		$this->page_title = 'YUBIKEY_RESET';

		$template->assign_vars(array(
			'U_RESET'	=> append_sid("{$phpbb_root_path}ucp.$phpEx?mode=yubikey_reset&u={$user_row['user_id']}&k=$key"),
			
			'ERROR'		=> ($error != '')? $error : false,
		));
	}
}

?>